CSEC 533: Enterprise Security Infrastructure Controls and Regulatory Compliance (Formerly CNS 533)

Design, implementation, support and management of control methods in enterprise environments. Focus is on how these controls can help organizations achieve regulatory compliance. Review of Sarbanes-Oxley and its impact on IT systems. Detailed study of how risk assessment methods, information security program management and ERP systems can be used to fulfill regulatory and legal requirements. Control Objectives for Information and related Technology (COBIT) guidelines and best practices for SOX compliance. Security management standards (ISO 17799, BS 7799 and ISO 27001) .